Captive-Portal: add captive chains to firewall initscript

When loading the initscript of the firewall the neccessary chains for
the captive portalneed to be created.

Signed-off-by: Alexander Marx <alexander.marx@ipfire.org>

diff --git a/src/initscripts/init.d/firewall b/src/initscripts/init.d/firewall
index cb52670d6a5e42c5dbf7fd809fd1350d66a8a00d..18da870ef12a35a7c19ae2e848d78948f37862c8 100644 (file)
--- a/src/initscripts/init.d/firewall
+++ b/src/initscripts/init.d/firewall
@@ -217,6 +217,13 @@ iptables_init() {
                iptables -A ${i} -j LOOPBACK
        done
 
+       # Captive portal
+       iptables -N CAPTIVE_PORTAL
+       iptables -N CAPTIVE_PORTAL_CLIENTS
+       for i in INPUT FORWARD; do
+               iptables -A ${i} -j CAPTIVE_PORTAL
+       done
+
        # Accept everything connected
        for i in INPUT FORWARD OUTPUT; do
                iptables -A ${i} -j CONNTRACK
@@ -330,6 +337,10 @@ iptables_init() {
        iptables -N UPNPFW
        iptables -A FORWARD -m conntrack --ctstate NEW -j UPNPFW
 
+       # Captive Portal
+       iptables -t nat -N CAPTIVE_PORTAL
+       iptables -t nat -A PREROUTING -j CAPTIVE_PORTAL
+
        # RED chain, used for the red interface
        iptables -N REDINPUT
        iptables -A INPUT -j REDINPUT